Security of using same username/password for all users in WPA/WPA2-Enterprise
Security of using same username/password for all users in WPA/WPA2-Enterprise. Discuss Security of using same username/password for all users in WPA/WPA2-Enterprise, on Wireless Forums.
Discuss 802.11, WiMax, CDMA, Bluetooth and other wireless communications.
Security of using same username/password for all users in WPA/WPA2-Enterprise
I have a question about using the same username/password for all users in a WPA/WPA2-Enterprise setup. I have this question because the Hong Kong government has launched a city-wide Wi-fi initiative which provides two security levels: one is no encryption at all and the other is to use a pre-set username/password with WPA/WPA2-Enterprise (not Personal). Details are at GovWiFi: Usage Guide.
I think this is very insecure and data can be decrypted if I can sniff all packets from the time a user joins the AP, because I can get the Pairewise Master Key and all other keys by decrypting the packets by using the pre-defined username/password.
Does this usage of WPA/WPA-2 Enterprise effectively degrades to WPA/WPA-2 Personal? As I know their difference is the lack of authentication in the latter, while the encryption (TKIP or CCMP) are the same, so by using just one credential for all users means there's one and only one preshared key.
Security of using same username/password for all users in WPA/WPA2-Enterprise 
Linear Mode
